REMARKS/ARGUMENTS

Applicant respectfully requests reconsideration of this application in view of the 
following remarks. 

Claim 1, claim 14, and claim 22 have been amended to more particularly point out
Applicant's invention. No new matter has been added. 



Claim Rejection under 35 U.S.C. § 102(e)
The Office at 5 states: 

5. Claims 1-4, 10, 12, 14-16 and 22-26 are rejected under 35 U.S.C. 102(e) as
being anticipated by Purtell et al U.S. Patent No. 6,950,947 B1.

(Emphasis in original.) 

Claims 1, 14, and 22 Rejection under 35 U.S.C. § 102(e) - Purtell

The Office at 5 states: 

As to claims 1, 14 and 22, Purtell et al discloses a method for traversing a 
firewall, comprising: 

initiating a first connection to go through the firewall [column 
7 line 18 to column 8 line 62] ; 

evaluating the first connection for a response from a remote 
system indicating a successful first connection [column 7 line 18 to 
column 8 line 62] ; 

initiating a second connection to go through the firewall if a 
successful first connection is not established [column 7 line 18 to 
column 8 line 62] ; 

evaluating the second connection for a response from a remote 
system indicating a successful second connection [column 7 line 18 to
column 8 line 62];

initiating a third connection to go through the firewall if a
successful second connection is not established [column 7 line 18 to
column 8 line 62]; and

evaluating the third connection for a response from a remote
system indicating a successful third connection [column 7 line 18 to
column 8 line 62].

The cited reference states in part:

Referring to FIG. 5, a process is shown for using a CCB 300 when opening a connection from a firewall 100 to
i i\Urni n \s ^ 1 1 I ns'ipMO t e ill lit tuvi in ns' utile hut -utile 1 i dun' 1 H r!h d U 
udi t i "ipti'e ' mi f sj i if i\t n i * tt 114 T in. ill 1 K di! rmim t iC'ToUS lu iu i\is' !bo' 
mt t! slur d emneOio s' iti d it t M\ i ir P mnei ( I iti n t fl fill H \ 1 ih 1 e iti ->emi 14 T i 
puseric n Kim )' suih i CI ^ )( vu i»i f! Huht I nh I ru ill 1 if H mm t ! ) tlx r i i 1 4 
No' t te ^'P In ties (1 !( rids i ^ 11 i^ k tlx xiih sa irll- Y " i on no ihi ui'in u 
eruluon/e ind i U li IT' Pun mne ' s tn* m 1 u n* v v' m ill n ml uou In! ek i Iq 
141 fin illbX'dit m in \du!he iS^ m in V Hi u lunKuiud id 1 f l it t to 14 

\( £ md 'or i L tnkl t nil it ij Jiuli jhi i i sail turn ill mij luhi hmuui ! llu i 
l oneo.oTnul 1 iS^ Halibut se t la n the n, lUn Lh! i iroal! >< r past L the ait n\ b\ the 
ti tr 14 e opoi i e ntnet k " lad 1-s th t nu ill 1 >< he a pou uf ml \0 tu > x U r s p H 't Hit. 
U 5 IirU-ird oilis \tl known to ose h td i heart In k p vn it t he pr-ls uhr str er 1 1 4 has nturvd >- f 
i J^i ' tithe i v^ll un tin tsrtvn 1" > upeht > the < <. P n ith the 1 k m oni atium itnteeowt ti 
i the en ettnn bttvitin tin lire ^ I'OanJth rs ^.r 1 4 C etttmi nit d Iron e pa set >rp lets o t umn^ th 
A 1 -tnd u kfiv T "e t rev ill ! H then Ira nit an H k to th ene ri 4 ^s e\p eke. in the 1 1 Psta dn r et_s 
open the other end of the connection.

H i e\ er, it ne fiid s.' } ar re e i id lnn'\ ner 14 m st p v 4, the p r ite pr i eeds t > ep i % In 

k-> us tin ire ^ 1 H d termi \ th r^iks fh_ hi 1>l n n ee dinn the j. rt tui-r sen f 1 14 PM is ^i 

T>bn nliontorrt et and n Une^rdlU ten n and ssued Ire n i tr^rlo-it tnt a tract w s_ M^tlct ^hen 

Hit st rv r eetet„ i „ nu nee one "slhtr anon 1 I he -eM kai ^wdlkne n p rt it Hit l< \ stinkard -a\& 

iluu tl! Lne n I . r > t ski ed i In ^ It the i r mil 1 H h n» J^n P I II^l ^ii th til r ; er 

1 4, rvn he ->ro- e pre ee 1 te stt •> s lu \ re the it i v^ll ^ j ie^qtes ' < m h Hit s at nt mi t oi n si o-t>t d 

ui'htht ' ik t t the umatnn b Uu. n the lire % i luimc'^e er 34 i likunne 1 trem the tuLlI i pick t 
containing the RST flag. The firewall 100 then considers the connection attempt rejected. However, in step 508, if no
RST flag is received from the particular server 114, the firewall 100 continues to wait for a fixed period of time for a
response from the server 114. This fixed period of time is preferably substantially equal to the round trip time (RTT)
estimate. Preferably, if a CCB 300 exists for the connection, then the RTT contained within the CCB is used. If no

MP. iP.^^b'f.iMjjgJj using exponentially increasing but bounded waiting periods. For example, the waiting periods may 
be two times the RTT, then four times the RTT, then eight times the RTT, and so on, up to the upper bound. If no
connection is established, the client 112 is notified by the firewall 100 that the connection attempt with the particular
server 114 was unsuccessful. No connection is established. . . .

(Emphases added.) 

Applicant submits that Purtell et al ("Purtell") in the cited section and Figure 5
discloses a firewall 100 receiving an instruction from a client 112 behind the firewall to
retrieve data from a server 114 outside the firewall 100. The firewall computer 100 checks
for a control block 500, and then sends a single type connection request (SYN) for a
connection 502 to a server 114. If the request is acknowledged 504 then the control block
is updated 508 and a connection is established 518, communication occurs and when done
the connection is shut down 520, the control block is updated 522 and the connection
closed 524.

If on the other hand the single type connection request (SYN) for a connection 502
to a server 114 is NOT acknowledged then a check is made to see if a reset command was
received 508 and if so then the control block 510 is updated immediately, otherwise a
timeout 512 occurs and multiple retransmissions occur before the control
block 510 is updated, then the connection is closed 514.

As amended, Applicant's independent claims 1, 14, and 22 recite
"wherein said second connection is different than said first connection" and "wherein
said third connection is different than said second connection."
(Emphases added.) 

NOWHERE in Purtell is there any mention of a second, much less a third connection
attempt as Applicant has claimed wherein the connections are different thusly, citing from
claim 1:

initiating a second connection to go through said firewall if a successful first 
connection is not established, wherein said second connection is different than said first 
connection; 

evaluating the second connection for a response from a remote system indicating a 
successful second connection; 

initiating a third connection to go through said firewall if a successful second 
connection is not established, wherein said third connection is different than said second 
connection; and

evaluating the third connection for a response from a remote system indicating a 
successful third connection. 
(Emphases added.) 

Applicant respectfully asserts that a prima facie rejection of claims 1, 14, and 22
under 35 U.S.C. § 102 based upon Purtell should be withdrawn. In order to establish a
prima facie rejection under 35 U.S.C. § 102, the United States Patent & Trademark Office
(USPTO) must provide a "single prior art reference [in which] disclosure of each and every
element of the claimed invention, arranged as in the claim [exists in the reference]."
Lindemann Maschinenfabrik v. American Hoist & Derrick ("Lindemann"), 730 F.2d 1452,
1458 (Fed. Cir. 1984) (Emphases added). Additionally, each and every element of the
claim must be exactly disclosed in the anticipatory reference. Titanium Metals Corp. of
America v. Banner, 778 F.2d 775, 777 (Fed. Cir. 1985).

Applicant submits that because Purtell fails to disclose second and third
connections that are each different, Purtell fails to anticipate what Applicant has
claimed. Applicant respectfully requests allowance of independent claims 1, 14, and 22;
and claims 2-4, 10, 12, 15, 18, and 23-28 which are dependent on these independent
claims.



Claims 2, 15, and 23 Rejection under 35 U.S.C. § 102(e) - Purtell 

The Office at 5 states:

As to claims 2, 15 and 23, Purtell et al discloses that the first 
connection, the second connection, and the third connection is selected from 
the group consisting of Transmission Control Protocol (TCP) connection, User 
Datagram Protocol (UDP) connection, hypertext transfer protocol (HTTP) 
connection, hypertext transfer protocol (HTTP) connection via a proxy 
connection, and Internet Control Message Protocol (ICMP) connection [column 3 
line 51 to column 4 line 11].

As amended, Applicant's independent claim 1, claim 14, and claim 22 now recite a
limitation wherein the second connection is different than the first connection and the third 
connection is different than the second connection and the first connection upon which 
dependent claim 2, claim 15, and claim 23 respectively depend. Applicant submits that 
because Purtell fails to disclose a second and third connections that are each different, that 
Purtell fails to anticipate what Applicant has claimed. Applicant respectfully requests 
allowance of dependent claims 2, 15, and 23. 

The additional limitations in claims 2, 15, and 23 are also not anticipated. Applicant 
respectfully requests allowance of claims 2, 15, and 23. 

Claim 3 Rejection under 35 U.S.C. § 102(e) - Purtell



The Office at 5 states: 

As to claim 3, Purtell et al discloses that initiating a TCP connection
comprises initiating a TCP connection to a predefined address and port
[column 3 line 51 to column 4 line 11].



As amended, Applicant's independent claim 1 now recites a limitation wherein the 
second connection is different than the first connection and the third connection is different 
than the second connection and the first connection upon which dependent claim 3 
depends. Applicant submits that because Purtell fails to disclose a second and third 
connections that are each different, that Purtell fails to anticipate what Applicant has 
claimed. Applicant respectfully requests allowance of dependent claim 3. 

The additional limitation in claim 3 is also not anticipated. Applicant respectfully 
requests allowance of claim 3. 



Claim 10 Rejection under 35 U.S.C. § 102(e) - Purtell
The Office at 5 states: 

As to claim 10, Purtell et al discloses using Internet Protocol (IP)
[column 3 line 51 to column 4 line 11].

As amended, Applicant's independent claim 1 now recites a limitation wherein the 
second connection is different than the first connection and the third connection is different 
than the second connection and the first connection upon which dependent claim 10 
depends. Applicant submits that because Purtell fails to disclose a second and third 
connections that are each different, that Purtell fails to anticipate what Applicant has 
claimed. Applicant respectfully requests allowance of dependent claim 10. 

The additional limitation in claim 10 is also not anticipated. Applicant respectfully
requests allowance of claim 10. 

Claim 12 Rejection under 35 U.S.C. § 102(e) - Purtell

The Office at 5 states:

As to claim 12, Purtell et al discloses using Ethernet with the
Transmission Control Protocol (TCP) [column 3 line 51 to column 4 line 11].



As amended, Applicant's independent claim 1 now recites a limitation wherein the 
second connection is different than the first connection and the third connection is different 
than the second connection and the first connection upon which dependent claim 12 
depends. Applicant submits that because Purtell fails to disclose a second and third 
connections that are each different, that Purtell fails to anticipate what Applicant has 
claimed. Applicant respectfully requests allowance of dependent claim 12. 

The additional limitation in claim 12 is also not anticipated. Applicant respectfully 
requests allowance of claim 12. 



Claims Rejection under 35 U.S.C. § 102(b) - Freund

The Office at 8 states:

6. Claims 17-21 are rejected under 35 U.S.C. 102(b) as being anticipated by
Freund U.S. Patent No. 5,987,611.

(Emphasis in original.) 



Claim 17 Rejection under 35 U.S.C. § 102(b) - Freund
The Office at 8 states:

As to claim 17, Freund discloses a firewall traversal system 
comprising ; 

a main system coupled to storage [column 14 line 52 to column 15 
line 11] ; 

a communication subsystem coupled to the main system and a 
communication medium on one side of a firewall [column 5, lines 9-27] ; 

a packet examining subsystem coupled to the communication
subsystem [column 5, lines 34-50]; and 

a database system coupled to the packet examining subsystem and 
the main system [column 6, lines 13-27] . 

The cited reference [column 14 line 52 to column 15 line 11] states:

FIG. 3a provides an overview of an Internet-based (client/server) system 300 in which the present invention
may be embodied. As shown, the system includes multiple clients 310 (e.g., clients 310a, 310b, 310c, each of which
comprises a personal computer or workstation, such as system 100) connected to a network 320, such as a Windows NT
Local Area Network (Microsoft Corporation of Redmond, Wash.). Each client includes a client-side monitoring
component for monitoring Internet access in accordance with the present invention, as specifically shown at 311a, 311b,
and 311c. The network 320 is connected to a server 321 (or another client) having a supervisor or verifier component
323. The supervisor component 323 provides independent verification of the clients, for allowing or disallowing requests
of each particular client. In effect, the supervisor 323 directs runtime monitoring operations.

The network 320 itself can be a server-based network (e.g., Windows NT Server providing services to network
clients) or, alternatively, a peer-to-peer network. Communications to the outside (e.g., Internet) are typically achieved
using TCP/IP protocol. The local network 320 communicates with the Internet, shown at 340, preferably through a
"firewall" 330. The firewall 330 itself may be implemented in a conventional manner, such as employing a router-based
or server-based firewall process for monitoring communications with various Web servers 350 connected to the Internet
340.

Firstly, Freund Figure 3A shows Clients 310, LAN 320, Server 321, Firewall 330,
Internet 340, and Web servers 350. Nowhere in Figure 3A does Freund disclose "a main
system coupled to storage" as Applicant has claimed.

The cited reference [column 5, lines 9-27] states in part: 

The centralized supervisor application is installed on a computer on the LAN that can be reached from all
workstations that need access to the Internet; this is typically (although not necessarily) a server computer. The
supervisor monitors whether a client has the filter application loaded and provides the filter application with the rules for
the specific user or workstation. The filter application maintains a local copy of these rules so that rule enforcement
continues even when the user accesses the Internet but bypasses the LAN (e.g., a mobile computer on the road). The
communication between the client-based filter and the centralized supervisor application, as well as between the
supervisor application and the firewall, employs encryption to ensure secure communication and avoid any possible
attack on that level.

The system of the present invention works together with existing firewalls which allow a program (e.g., the
supervisor application) to dynamically set the addresses of the workstations that should have access to the Internet. The
supervisor application signals the firewall which client applications have been "certified" so that the firewall only grants
Internet access to those clients. At the same time, a firewall can continue to perform its usual duties, such as protecting
the LAN from outside intruders or protecting the LAN and server operating system(s).

Secondly, Freund here is discussing a centralized supervisor application with rules
and enforcement with computers attached via a server, and updates to a firewall on client
applications that have been "certified." Freund does not disclose "a communication
subsystem coupled to the main system and a communication medium on one side
of a firewall" as Applicant has claimed.

The cited reference [column 5, lines 34-50] states:

1. Client Monitor with Supervisor/Firewall Backup and Enforcement

a) Installing at a particular client computer a client monitoring process;

b) Installing at another computer on the local area network a supervisor process, which specifies rules which
govern Internet access by the client computers including the particular client computer;

c) Transmitting a filtered subset of the rules to the particular client computer;

d) At the client monitoring process, trapping a request for Internet access from the particular client computer;

e) Determining whether the request for Internet access would violate any of the rules transmitted to the
particular client computer, and

f) If the request for Internet access violates any of the rules transmitted to the particular client computer,
denying the request for Internet access.

Thirdly, Freund here is discussing "at a particular client computer a client monitoring process" and
"at another computer on the local area network a supervisor process" and the monitoring process "trapping a
request for Internet access". Trapping a request for Internet access is different than "a packet
examining subsystem coupled to the communication subsystem" as Applicant has
claimed, because trapping (Freund) is not the same as examining a packet (Applicant).

The cited reference [column 6, lines 13-27] states in part:

IV. Monitoring User Interaction (e.g., keyboard/mouse and the like) to Distinguish and Regulate Time Spent
Online:

a) Client Monitor detects interactive commands (e.g., keyboard/mouse) for an application that uses the Internet
via "browsing" protocols (e.g., HTTP).

b) Client monitor determines whether the user interactively uses the Internet and restrict the activity if required.

V. Using Client Monitor to Alleviate Network Congestion

a) Supervisor Application notifies client that network is congested; and

b) Client Monitor delays transmission of non-time critical information and data.

VI. Using Local and Remote Stored Rules Databases to Allow Client Monitor Functioning Even if Supervisor
Application is Not Available

a) Client monitor attempts but is unable to access the supervisor application; and

b) Access rules are still enforced because Client Monitor employs a local copy of rules (previously
downloaded).

Fourthly, nowhere in this cited section does Freund discuss or disclose "a database
system coupled to the packet examining subsystem and the main system" as
Applicant has claimed.

Applicant submits that for the above four reasons individually and/or in combination, 
Freund fails to disclose what Applicant has claimed in independent claim 17. Applicant
respectfully requests allowance of claim 17 and claims 18-21 which are dependent on claim 
17. 

Claim 18 Rejection under 35 U.S.C. § 102(b) - Freund
The Office at 8 states:

As to claim 18, Freund discloses that the packet examining subsystem extracts
port information [column 16, lines 8-29].

Claim 18 is dependent on claim 17, and as detailed above in the claim 17
discussion, Freund does not anticipate Applicant's independent claim 17. The additional
limitation in claim 18 is thus also not anticipated. Applicant respectfully requests allowance
of claim 18 and further dependent claim 19.

Claim 19 Rejection under 35 U.S.C. § 102(b) - Freund
The Office at 8 states:

As to claim 19, Freund discloses that the packet examining subsystem
extracts the port information based upon examining packet data content
[column 16, lines 8-29].

Claim 19 is dependent on claim 18, which is dependent on claim 17, and as detailed
above in the claim 17 discussion, Freund does not anticipate Applicant's independent claim
17. The additional limitation in claim 19 is thus also not anticipated. Applicant respectfully
requests allowance of claim 19.

Claim 20 Rejection under 35 U.S.C. § 102(b) - Freund
The Office at 6 states:

As to claim 20, Freund discloses that the packet examining subsystem
extracts address information [column 13, lines 34-43].

Claim 20 is dependent on claim 17, and as detailed above in the claim 17
discussion, Freund does not anticipate Applicant's independent claim 17. The additional
limitation in claim 20 is thus also not anticipated. Applicant respectfully requests allowance
of claim 20 and further dependent claim 21.

Claim 21 Rejection under 35 U.S.C. § 102(b) - Freund
The Office at 6 states:

As to claim 21, Freund discloses that the packet examining subsystem
extracts the address information based upon examining packet data content
[column 13, lines 34-43].

Claim 21 is dependent on claim 20, which is dependent on claim 17, and as detailed
above in the claim 17 discussion, Freund does not anticipate Applicant's independent claim
17. The additional limitation in claim 21 is thus also not anticipated. Applicant respectfully
requests allowance of claim 21.



The Office at 7 states: 

7. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over
Purtell et al U.S. Patent No. 6,950,947 B1 as applied to claim 1 above, and
further in view of Bhide et al U.S. Patent No. 5,852,717.

(Emphasis in original.) 

As to claim 4, Purtell et al does not teach initiating a HTTP
connection that comprises initiating a HTTP connection to a predefined
address using port 80.

Bhide et al teaches initiating a HTTP connection that comprises
initiating a HTTP connection to a predefined address using port 80 [column 5,
lines 9-21].

Therefore, it would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to have modified Purtell et al 
so that if a HTTP connection were to initiate between a client and server, it 
would have used a predefined address using port 80. 

It would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Purtell et al by the
teaching of Bhide et al because it is well known in the art that a HTTP
connection uses port 80. Establishing a connection involves one round-trip
time from the client to the server as the client requests to open a network
connection and the server responds that a network connection has been opened
[column 5, lines 9-21].

Claim 4 is dependent on claim 2, which is dependent on claim 1. The issue of a
102(e) Purtell rejection for claim 1 is addressed above and incorporated herein. As
discussed above, Applicant's amended independent claim 1 now recites a limitation
wherein the second connection is different than the first connection and the third
connection is different than the second connection and the first connection upon which
dependent claim 4 depends. Purtell fails to disclose a second and third connections that
are each different. Bhide et al ("Bhide") also fails to disclose a second and third
connections that are each different. Purtell in view of Bhide also fails to disclose 
Applicant's limitation wherein the second connection is different than the first connection 
and the third connection is different than the second connection and the first connection. 
Applicant respectfully requests allowance of claim 4. 



Claims 5-9 Rejection under 35 U.S.C. § 103(a) - Purtell in view of Fuh
The Office at 8 states: 

8. Claims 5-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Purtell et al U.S. Patent No. 6,950,947 B1 as applied to claim 1 above, and
further in view of Fuh et al U.S. Patent No. 6,609,154 B1.

(Emphasis in original.) 



Claims 5-7^ 

The Office at 8 states: 

As to claims 5-7 and 9, Purtell et al does not teach that initiating a
HTTP connection via a proxy connection further comprises determining a likely
proxy address and port. Purtell et al does not teach that determining a
likely proxy address and port further comprises packet sniffing. Purtell et
al does not teach that packet sniffing further comprises: sampling packets;
extracting information from the sampled packets; and building a database of
likely proxy addresses and ports. Purtell et al does not teach that
extracting information from the sampled packets comprises examining TCP
packets for HTTP data.

Fuh et al teaches initiating a HTTP connection via a proxy connection
further comprises determining a likely proxy address and port [column 13,
lines 3-14]. [Claim 5]

Fuh et al teaches that determining a likely proxy address and port
further comprises packet sniffing [column 9, lines 51-67]. [Claim 6]

Fuh et al teaches that packet sniffing further comprises: sampling
packets; extracting information from the sampled packets; and building a
database of likely proxy addresses and ports [column 9, lines 51-67]. [Claim 7]

Fuh et al teaches that extracting information from the sampled packets
comprises examining TCP packets for HTTP data [column 9, lines 51-67]. [Claim 9]

[Bracketed bolded added for ease of discussion]

Therefore, it would have been obvious to a person having ordinary skill
in the art at the time the invention was made to have modified Purtell et al
so that there would have been a HTTP connection initiated via a proxy
connection that would have determined a likely proxy address and port.
Packet sniffing would have occurred during the determining step of the proxy
address and port. The firewall packet sniffing would have included sampling
packets, extracting information from the packets and building a database of
likely proxy addresses and ports. The extracted information would have come
from examining TCP packets for HTTP data.

It would have been obvious to a person having ordinary skill in the art
at the time the invention was made to have modified Purtell et al by the
teaching of Fuh et al because it makes sure that the client is authorized to
communicate with a network resource [column 3, lines 54-60].

The cited reference states in part:

[column 13, lines 3-14]

As shown in block 738, the process waits. For example, after Authentication Proxy 400 sends the "Authentication
Success" message 524 to User 302, the Authentication Proxy enters a wait state for a short, pre-determined period of 
time. During the wait state, a short period of time is allowed to elapse to enable client 306 and firewall router 210 to 
communicate handshaking messages and carry out related processing associated with establishing an HTTP connection. 



Response to OA of 01-24-2006



Page 20 of 39 



Application No. 09/759728 



The delay period also allows the firewall router enough time to execute any commands that are issued as part of block 
734. In one embodiment, a period of three (3) seconds elapses. 

[column 9, lines 51-67]

Access control lists filter packets and can prevent certain packets from entering or exiting a network. Each ACL is a list
of information that firewall router 210 may use to determine whether packets arriving at or sent from a particular 
interface may be communicated within or outside the firewall router. For example, in an embodiment, input ACL 424 
may comprise a list of IP addresses and types of allowable client protocols. Assume that firewall router 210 receives an 
inbound packet from client 306 at external interface 420 that is intended for target server 222. If the IP address of client 
306 is not stored in input ACL 424, then firewall router 210 will not forward the packet further within the circuitry or 
software of the firewall router. Output ACL 426 similarly controls the delivery of packets from firewall router 210 to 
resources located outside external interface 420. Input ACL 428 and output ACL 430 govern packet flow to or from 
internal interface 422. 

[column 3, lines 54-60]

In another feature, determining whether the client is authorized to communicate with the network resource
comprises the steps of: determining whether a source IP address of the client in the request matches information in a
filtering mechanism of the network device; and if so, determining whether the source IP address matches the
authorization information stored in the network device.

Applicant's claims 5-7 and 9 recite: 

5. (original) The method according to claim 2, wherein initiating a HTTP connection via a
proxy connection further comprises determining a likely proxy address and port.

6. (original) The method according to claim 5, wherein determining a likely proxy address
and port further comprises packet sniffing.

7. (original) The method according to claim 6, wherein packet sniffing further comprises:
sampling packets;
extracting information from the sampled packets; and
building a database of likely proxy addresses and ports.

9. (original) The method according to claim 7, wherein extracting information from the
sampled packets comprises examining TCP packets for HTTP data.

Firstly, claims 5-7, and 9 are dependent on claim 2, which is dependent on claim 1.
The issue of a 102(e) Purtell rejection for claim 1 is addressed above and incorporated
herein. As discussed above, Applicant's amended independent claim 1 now recites a
limitation wherein the second connection is different than the first connection and the third
connection is different than the second connection and the first connection upon which
dependent claims 5-7, and 9 depend. Purtell fails to disclose a second and third
connections that are each different. Fuh et al ("Fuh") also fails to disclose a second and
third connections that are each different. Purtell in view of Fuh also fails to disclose
Applicant's limitation wherein the second connection is different than the first connection
and the third connection is different than the second connection and the first connection.
Applicant respectfully requests allowance of claims 5-7, and 9.

Specifically with respect to claim 5 

Applicant's claim 5 recites: 

5. (original) The method according to claim 2, wherein initiating a HTTP connection via a proxy
connection further comprises determining a likely proxy address and port.
[Emphasis added.] 

Applicant's claim 5 is dependent on claim 2, which is in turn dependent on claim
1. The issue of a 102(e) Purtell rejection for claims 1 and 2 is addressed above and
incorporated herein.

Applicant submits that Fuh is fundamentally different than Applicant's claim 5. While
Applicant teaches determining a likely proxy address and port, Fuh (see Abstract) on the
other hand teaches "network access control" and "intercept network
traffic." Further, Fuh Figure 2 at 210 clearly shows intercepting traffic to/from 208
and 216 and the specification details authentication based on AA server 218 and Database
220. Network access control and intercepting network traffic (Fuh) is not the same as
determining a likely proxy address and port (Applicant's claim 5).

Additionally, while the Office states "Fuh et al teaches initiating a HTTP 
connection via a proxy connection further comprises determining a 
likely proxy address and port [column 13, lines 3-14]." Applicant 
submits that the cited lines discuss the authentication process and do not teach anything 
about determining a likely proxy address and port as in Applicant's claim 5. 

Finally, modifying Purtell with Fuh does not disclose or make obvious the "firewall" 
aspect of claim 1 or the "determining a likely proxy address and port" aspect of claim 5. 
Applicant respectfully requests removal of this rejection for claim 5 and claims 6-9 which 
are dependent on claim 5. 



Specifically with respect to claim 6 

Applicant's claim 6 recites: 
6. (original) The method according to claim 5, wherein determining a likely proxy address and port 
further comprises packet sniffing. 
[Emphasis added.] 

The Office cites "uh for . . s . i , 

Applicant submits that Fuh actually teaches away from Applicant's claim 6. While 
Applicant teaches sniffing packets which does not involve altering in any way the 
communication, Fuh (see Abstract) on the other hand teaches network access control and 
intercepting network traffic. Intercepting network traffic (Fuh) is the antithesis of packet 
sniffing (Applicant). 

Further, Applicant submits that the cited lines discuss the Authentication and 
Authorization process and do not teach anything about determining a likely proxy address 
and port further comprises packet sniffing, as in Applicant's claim 6. Fuh at the lines cited 
specifically says 



[Emphases added] 



Fuh teaches away from packet sniffing and deals with filtering packets, not 
forwarding packets, and controlling delivery. 

Finally, modifying Purtell with Fuh does not disclose or make obvious the "packet 
sniffing" aspect of claim 6. Applicant respectfully requests removal of this rejection for 
claim 6 and claims 7-9 which are dependent on claim 6. 

Specifically with respect to claim 7 

Applicant's claim 7 recites: 
7. (original) The method according to claim 6, wherein packet sniffing further comprises: 

extracting information from the sampled packets; and 

The Office Cites Fuh for "Fuh et al teaches that packet sniffing 
further comprises: sampling packets; extracting information from 
the sampled packets; and building a database of likely proxy 
addresses and ports [column 9, lines 51-6 7] . " 

Applicant submits that the cited lines discuss the Authentication and Authorization 
process and do not teach anything about sampling packets; extracting information from the 
sampled packets as in Applicant's claim 7. 

Fuh at the lines cited specifically says 



[Emphases added.] 

As discussed above for claim 6, Fuh teaches away from packet sniffing and deals 
with filtering packets, not forwarding packets, and controlling delivery. 

Finally, modifying Purtell with Fuh does not disclose or make obvious the "sampling 
packets; extracting information from the sampled packets; and building a database of likely proxy 
addresses and ports" aspect of claim 7. Applicant respectfully requests removal of this 
rejection for claim 7 and claims 8-9 which are dependent on claim 7. 



Claim 8 Rejection under 35 U.S.C. § 103(a) - Purtell in view of Fuh 
The Office at 8 states: 

As to claim 8, Purtell et al teaches that extracting information from the 
sampled packets comprises extracting TCP port information [column 1 line 50 
to column 2 line 3] . 



The cited reference states in part: 

Several authentication and authorization mechanisms are suitable for use with operating systems that are used 
by network devices, such as the Internetworking Operating System ("IOS") commercially available from Cisco Systems, 
Inc. However, most prior authentication and authorization mechanisms are associated with dial-up interfaces, which can 
create network security problems. In a dial-up configuration, a remote client uses a telephone line and modem to dial up 
a compatible modem that is coupled to a server of the network that the remote client wishes to access. In another dial-up 
configuration, a remote client first establishes a dial-up connection to a server associated with an Internet Service 
Provider, and that server then connects to the network server through the global, public, packet-switched internetwork 
known as the Internet. In this configuration, the network server is coupled directly or indirectly to the Internet. 

Unfortunately, information requests and other traffic directed at a network server from the Internet is normally 
considered risky, untrusted traffic. An organization that owns or operates a network server can protect itself from 
unauthorized users or from unwanted traffic from the Internet by using a firewall. . . 

Applicant's claim 8 recites: 

8. (original) The method according to claim 7, wherein extracting information from the sampled 
packets comprises extracting TCP port information. 

Claim 8 is dependent on claim 7, which is dependent on claim 6, which is dependent 
on claim 5, which is dependent on claim 2, which is dependent on claim 1. The issue of a 
102(e) Purtell rejection for claim 1 is addressed above and incorporated herein. 

Applicant submits that nowhere in the cited section does Fuh mention what 
Applicant has claimed. Furthermore, nowhere does Fuh mention "extracting" TCP port 
information from sampled packets. Finally, modifying Purtell with Fuh does not disclose or 
make obvious "wherein extracting information from the sampled packets comprises extracting TCP 
port information" limitation of claim 8. Applicant respectfully requests removal of this 
rejection for claim 8, and allowance of claim 8. 

Claims 11 and 13 Rejection under 35 U.S.C. § 103(a) - Purtell in view of Fuh 
The Office at 9 states: 

9. Claims 11 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Purtell et al U.S. Patent No. 6,950,947 B1 as applied to claim 1 above, 
and further in view of Fuh et al U.S. Patent No. 6,609,154 B1. 

(Emphasis in original.) 

As to claims 11 and 13, Purtell et al does not teach that initiating a 
HTTP connection via a proxy connection further comprises determining a likely 
proxy address by sampling packets and extracting IP and Ethernet addresses. 

Fuh et al teaches initiating a HTTP connection via a proxy connection 
further comprises determining a likely proxy address by sampling packets and 
extracting IP and Ethernet addresses [column 9, lines 51-67]. 

Therefore, it would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to have modified Purtell et al 
so that a HTTP connection would have been initiated via a proxy connection 
and proxy addresses would have been determined by sampling packets and 
extracting IP and Ethernet address. 

It would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Purtell et al by the 
teaching of Fuh et al because it makes sure that the client is authorized to 
communicate with a network resource [column 3, lines 54-60]. 

(Emphases added.) 



The cited reference states in part: 

[column 9, lines 51-67] 

Access control lists filter packets and can prevent certain packets from entering or exiting a network. Each ACL is a list 
of information that firewall router 210 may use to determine whether packets arriving at or sent from a particular 
interface may be communicated within or outside the firewall router. For example, in an embodiment, input ACL 424 
may comprise a list of IP addresses and types of allowable client protocols. Assume that firewall router 210 receives an 
inbound packet from client 306 at external interface 420 that is intended for target server 222. If the IP address of client 
306 is not stored in input ACL 424, then firewall router 210 will not forward the packet further within the circuitry or 
software of the firewall router. Output ACL 426 similarly controls the delivery of packets from firewall router 210 to 
resources located outside external interface 420. Input ACL 428 and output ACL 430 govern packet flow to or from 
internal interface 422. 



[column 3, lines 54-60] 

In another feature, determining whether the client is authorized to communicate with the network resource 
comprises the steps of: determining whether a source IP address of the client in the request matches information in a 
filtering mechanism of the network device; and if so, determining whether the source IP address matches the 
authorization information stored in the network device. 



Applicant's claim 11 recites: 
11. (original) The method according to claim 10, wherein initiating a HTTP connection via 
a proxy connection further comprises determining a likely proxy address by sampling packets and 
extracting IP addresses. 



As detailed above, Applicant submits that the cited lines discuss the Authentication 
and Authorization process and do not teach anything about determining a likely proxy 
address by sampling packets and extracting IP addresses as in Applicant's claim 11. Fuh 
at the lines cited specifically says 



[Emphases added.] 

Filtering packets and not forwarding packets (Fuh) is not the same as sampling 
packets or extracting IP addresses (as in Applicant's claim 11). 

Finally, modifying Purtell with Fuh does not disclose or make obvious the 
"determining a likely proxy address by sampling packets and extracting IP addresses" aspect of 
claim 11. Applicant respectfully requests removal of this rejection for claim 11. 

Specifically with respect to claim 13 

Applicant's claim 13 recites: 
13. (original) The method according to claim 12, wherein initiating a HTTP connection via a proxy 
connection further comprises determining a likely proxy address by sampling packets and extracting 
Ethernet addresses. 

As detailed above, Applicant submits that the cited lines discuss the Authentication 
and Authorization process and do not teach anything about determining a likely proxy 
address by sampling packets and extracting Ethernet addresses as in Applicant's claim 13. 

Fuh at the lines cited specifically says 



[Emphases added] 

Filtering packets and not forwarding packets (Fuh) is not the same as sampling 
packets or extracting Ethernet addresses (as in Applicant's claim 13). 

Finally, modifying Purtell with Fuh does not disclose or make obvious the 
"determining a likely proxy address by sampling packets and extracting Ethernet addresses" aspect 
of claim 13. Applicant respectfully requests removal of this rejection for claim 13. 

Claim 16 Rejection u 

Applicant's claim 16 recites: 

16. (original) The machine-readable medium according to claim 15, further configuring said 
processor to perform the following: 

examine network traffic; and 

build a database of parameters likely to allow establishment of a HTTP connection via a 
proxy connection. 

The Office at 10 states: 

10. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Purtell et al U.S. Patent No. 6,950,947 B1 as applied to claim 14 above, and 
further in view of Linden et al U.S. Patent No. 6,549,773 B1. 

(Emphasis in original.) 



As to claim 16, Purtell et al teaches examining network traffic [column 
5, lines 47-67]. 

Purtell et al does not teach building a database of parameters likely 
to allow establishment of a HTTP connection via a proxy connection. 

Linden et al teaches building a database of parameters likely to allow 
establishment of a HTTP connection via a proxy connection [column 5, lines 
16-26] . 

Therefore, it would have been obvious ... 

(Emphases added.) 



The cited reference states in part: 

[column 5, lines 47-67] - PURTELL 

A firewall 100 may share CCBs 300 with another firewall 100 on the internal network by pushing its own CCBs 
300 to one or more network peers, or by pulling CCBs 300 from one or more network peers. If the firewall 100 pushes 
its CCBs 300 to a network peer, the firewall 100 makes a copy of the one or more CCBs 300 associated with its TCP 
connections, and transmits those CCBs 300 to one or more other firewalls 100 in a CCB update packet 400. In a 
preferred embodiment, the firewall 100 pushes a CCB update packet 400 to its network peers on a periodic basis; that 
period is preferably fixed and preferably chosen to be within the range of one second to thirty seconds. A thirty-second 
period is advantageously utilized. Of course, the period may be less than one second or more than thirty seconds, 
depending on the speed of the internal network 102 and the firewalls 102, and the network conditions on the internal 
network 102. It is also contemplated that the period between transmission of CCB update packets 400 need not be fixed 
but may vary depending on network conditions and on network traffic through the firewalls 100 between the internal 
network 1 C and the external ncN < rk lr4 It is al, -> >\ sth-n 'he ><cpi. c t the p"leTed e'nHxh.unt 'o L> 5 ue a ( \ "B u-' ia'.e 
packet 4 >o trora a M re will lono^.K >:",>t ik 1 -retail ]<)< maks i ek-a T> T conned ■<.:! "-.us illowmgtV hrev,all Ion 
to provide hsgnlv current network state data to its peers. 

Applicant submits that the cited lines in Purtell discuss the movement and updating 
of control blocks (CCB) and do not teach as in Applicant's claim 16. 

[column 5, lines 16-26]- LINDEN 

A particular advantage of the invention e.g. in connection with the WAP application protocol is that it is 
pwiNe to eifkienth utilize functions connected nth the HTTP da! 1 transmission protocol ft she vVSrB proiocol 
already known as sueh These uuiude tor example ' /PT, VI I and P^ST lequest' ■ "onsequentK , the header fieids of 
the HTTP protocol can also be utilized in the data transmission, as well as the headers of the HTTP protocol for 
authentication. Correspondingly, it is possible to utilize efficiently the methods of the WWW communication network 
for authorization or data transmission. 



Applicant submits that the cited lines of Linden et al ("Linden") discuss protocols and 
do not teach anything about building a database of parameters likely to allow establishment 
of a HTTP connection via a proxy connection as in Applicant's claim 16. 

Applicant submits that Purtell in view of Linden does not make obvious what is in 
Applicant's claim 16. Applicant therefore respectfully requests removal of this rejection for 
claim 16. 



Claims 24 and 25 under 35 U.S.C. § 103(a) - Purtell in view of Fuh 

The Office at 11 states: 

11. Claims 24 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Purtell et al U.S. Patent No. 6,950,947 B1 as applied to 
claim 22 above, and further in view of Fuh et al U.S. Patent No. 6,609,154 
B1. 

(Emphasis in original.) 

As to claims 24 and 25, Purtell et al does not teach means for 
initiating a HTTP connection via a proxy connection further comprises 
determining a likely proxy address by sniffing packets and extracting 
information from the packets. Purtell et al does not teach means for 
initiating a HTTP connection via a proxy connection further comprises 
determining a likely proxy address by receiving information from a computer 
connected to the firewall. 

Fuh teaches means for initiating a HTTP connection via a proxy 
connection further comprises determining a likely proxy address by sniffing 
packets and extracting information from the packets [column 9, lines 51-67]. 
Fuh teaches means for initiating a HTTP connection via a proxy connection 
further comprises determining a likely proxy address by receiving information 
from a computer connected to the firewall [column 9, lines 51-67]. 

Therefore, it would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to have modified Purtell et al 
so that a HTTP connection would have been initiated via a proxy connection. 
The firewall would have sniffed packets and extracted information from the 
packets. Proxy addresses would have been determined by receiving information 
from the computer connected to the firewall. 

It would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Purtell et al by the 
teaching of Fuh et al because it makes sure that the client is authorized to 
communicate with a network resource [column 3, lines 54-60]. 

(Emphases added.) 

The cited reference states in part: 

[column 9, lines 51-67] 

Access control lists filter packets and can prevent certain packets from entering or exiting a network. Each ACL is a list 
of information that firewall router 210 may use to determine whether packets arriving at or sent from a particular 
interface may be communicated within or outside the firewall router. For example, in an embodiment, input ACL 424 
may comprise a list of IP addresses and types of allowable client protocols. Assume that firewall router 210 receives an 
inbound packet from client 306 at external interface 420 that is intended for target server 222. If the IP address of client 
306 is not stored in input ACL 424, then firewall router 210 will not forward the packet further within the circuitry or 
software of the firewall router. Output ACL 426 similarly controls the delivery of packets from firewall router 210 to 
resources located outside external interface 420. Input ACL 428 and output ACL 430 govern packet flow to or from 
internal interface 422. 

[column 3, lines 54-60] 

In another feature, determining whether the client is authorized to communicate with the network resource 
comprises the steps of: determining whether a source IP address of the client in the request matches information in a 
filtering mechanism of the network device; and if so, determining whether the source IP address matches the 
authorization information stored in the network device. 

Specifically with respect to claim 24 
Applicant's claim 24 recites: 
24. (original) The apparatus of claim 23, wherein means for initiating a HTTP connection via a 
proxy connection further comprises determining a likely proxy address by sniffing packets and 
extracting information from the packets. 
[Emphasis added.] 

Applicant submits that Fuh actually teaches away from Applicant's claim 24. While 
Applicant teaches sniffing packets which does not involve altering in any way the 
communication, Fuh (see Abstract) on the other hand teaches network access control and 
intercepting network traffic. Intercepting network traffic (Fuh) is the antithesis of packet 
sniffing (Applicant). 

Further, Applicant submits that the cited lines discuss the Authentication and 
Authorization process and do not teach anything about determining a likely proxy address 
by sniffing packets and extracting information from the packets as in Applicant's claim 24. 

Fuh at the lines cited specifically says 



[Emphases added.] 



Fuh teaches away from packet sniffing and deals with filtering packets, not 
forwarding packets, and controlling delivery. 

Claim 24 is dependent on claim 23, which is dependent on claim 22. The issue of a 
102(e) Purtell rejection for claim 22 is addressed above and incorporated herein. As 
discussed above Applicant's amended independent claim 22 now recites a limitation 
wherein the second connection is different than the first connection and the third 
connection is different than the second connection and the first connection upon which 
dependent claim 24 depends. Fuh fails to disclose a second and third connections that are 
each different. Fuh also fails to disclose a second and third connections that are each 
different. Purtell in view of Fuh also fails to disclose Applicant's limitation wherein the 
second connection is different than the first connection and the third connection is different 
than the second connection and the first connection. Applicant respectfully requests 
allowance of claim 24. 

Finally, modifying Purtell with Fuh does not disclose or make obvious the "packet 
sniffing" aspect of claim 24. Applicant respectfully requests removal of this rejection for 
claim 24. 



Specifically with respect to claim 25 

Applicant's claim 25 recites: 
25. (original) The apparatus of claim 23, wherein means for initiating a HTTP connection via a 
proxy connection further comprises determining a likely proxy address by receiving information 
from a computer connected to the firewall. 
[Emphasis added.] 

The Office (page 9, paragraph 11) states: 
Fuh teaches means for initiating a HTTP connection via a proxy 
connection further comprises determining a likely proxy address by 
receiving information from a computer connected to the firewall 
[column 9, lines 51-67] . 

Applicant submits that the cited lines discuss the Authentication and Authorization 
process and do not teach anything about determining a likely proxy address by receiving 
information from a computer connected to the firewall as in Applicant's claim 25. 

Fuh at the lines cited specifically says 



[Emphases added.] 

Claim 25 is dependent on claim 23, which is dependent on claim 22. The issue of a 
102(e) Purtell rejection for claim 22 is addressed above and incorporated herein. As 
discussed above, Applicant's amended independent claim 22 now recites a limitation 
wherein the second connection is different than the first connection and the third 
connection is different than the second connection and the first connection upon which 
dependent claim 25 depends. Fuh fails to disclose a second and third connections that are 
each different. Fuh also fails to disclose a second and third connections that are each 
different. Purtell in view of Fuh also fails to disclose Applicant's limitation wherein the 
second connection is different than the first connection and the third connection is different 
than the second connection and the first connection. Applicant respectfully requests 
allowance of claim 25. 

Finally, modifying Purtell with Fuh does not disclose or make obvious the "receiving 
information from a computer connected to the firewall" aspect of claim 25. Applicant 
respectfully requests removal of this rejection for claim 25. 

Claim 26 under 



The Office at 12 states: 

12. Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Purtell et al U.S. Patent No. 6,950,947 B1 as applied to claim 22 above, and 
further in view of Montenegro U.S. Patent No. 6,233,688 B1. 

(Emphasis in original.) 

As to claim 26, Purtell et al does not teach means for updating 
firewall traversal strategies. 

Montenegro teaches means for updating firewall traversal strategies 
[column 6, lines 49-65]. 

Therefore, it would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to have modified Purtell et al 
so that there would have been a firewall that had means for updated firewall 
traversal strategies. 

It would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Purtell et al by the 
teaching of Montenegro because it keeps the firewall up to date as far as 
addressed to block so that the client is not compromised at any time [column 
2, lines 7-21]. 

(Emphasis added.) 

The cited reference states: 

[column 6, lines 49-65] 

Thi '] ->l kp n lo^mr i tt ut' ■> train beU oti fht hu u < 1 ik vil 1 1 u ! i ile t irxi the i ho ! 
}>pki!nni 'ooi'imth t ppiopiHto OJTITI "ep M n Tht d «u> \ ot tlx xt tit KMTIfR k uv is not i 
^ub]i it t i 'lie > attia] itvuifnn Ob' jm ri£ i OJTITI in* K ruhiAoi ui se\ i Jo us ( 1 ) obt'inin^ iS in pu on 
iron i y "en xlm is 1 ik ( ^ i \ is f np a sj e> nl 'u h pa<x ^ \u \ lutlxnl tkd , ,o nn utiles e "in. aipioii y \ 
PMT TJ hon EFu Uuo,ill i ^q. iv mp a dir U in. str x. sm h ^ J V, \F (I ijhi o,. ir >< JiMm AuissTrduil 
ir(4l» i* >'pi (.ord juut mfo tlv dxnf i iplk itim or s> kn The t ppiopinto OJTITI '*il dosi^ru'i pi mites 
ilkw np thi i. x*n' sWui k jot ->r \ iW ntnito! v ,xn es • c\£ rs J it 1 ti snspi.it tit than risi P ,Unl s<. ko's tt^ 1 

(Emphases added.) 

[column 2, lines 7-21] 

The invention provides a generic naming scheme for remote access and firewall traversal in the form of a 
uniform resource locator (RAFT URL). The RAFT URL may be provided to any client application, regardless of 
compatibility with the remote access/firewall traversal method, which then launches another executable module. The 
executable module performs the remote access/firewall traversal method and interacts with the operating environment to 
obtain data transport mechanisms. These mechanisms permit the client application to transact with private resources 
beyond the firewall. The remote access/firewall traversal procedure is made transparent to the client application, and 
thus, a wider array of client applications may be chosen for the data session with the resources beyond the firewall. 

(Emphases added.) 

Applicant's claim 26 recites: 

26. (original) The apparatus of claim 22, further comprising means for updating firewall traversal 
strategies. 

Applicant submits that Montenegro does not teach "means for updating firewall 
traversal strategies". To the contrary, at the cited reference lines Montenegro 
assumes that a RAFT URL exists (The RAFT URL may be provided to any client application) and then 
uses this to launch an executable to get through a firewall (The executable module performs the 
remote access/firewall traversal method). Montenegro does not disclose a means for "updating 
firewall traversal strategies", as Applicant has claimed. 

Claim 26 is dependent on claim 22. The issue of a 102(e) Purtell rejection for claim 
22 is addressed above and incorporated herein. As discussed above Applicant's amended 
independent claim 22 now recites a limitation wherein the second connection is different 
than the first connection and the third connection is different than the second connection 
and the first connection upon which dependent claim 26 depends. Montenegro fails to 
disclose a second and third connections that are each different. Montenegro also fails to 
disclose a second and third connections that are each different. Purtell in view of 
Montenegro also fails to disclose Applicant's limitation wherein the second connection is 
different than the first connection and the third connection is different than the second 
connection and the first connection. Applicant respectfully requests allowance of claim 26. 

Finally, modifying Purtell with Montenegro does not disclose or make obvious "means 
for updating firewall traversal strategies" aspect of claim 26. Applicant respectfully requests 
removal of this rejection for claim 26. 

CONCLUSION 

Applicant submits that the rejection of dependent claims not specifically addressed 
is addressed by Applicant's arguments to the claim(s) on which they depend. 

Applicant respectfully submits that all claims are in condition for allowance and 
requests such. 